[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authmeth/DIGEST-MD5

To: Rob Byrne - Sun Microsystems <rbyrne@france.sun.com>
Subject: Re: Authmeth/DIGEST-MD5
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org>
Date: Thu, 15 Jul 1999 08:45:58 -0700
Cc: ietf-ldapext@netscape.com
Organization: OpenLDAP <http://www.openldap.org/>
References: <CB6657D3A5E0D111A97700805FFE6587120AF422@RED-MSG-51> <378D966D.AB3CE6D9@france.sun.com>
Resent-date: Thu, 15 Jul 1999 08:43:03 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"p2xC4C.A.MkG.8Fgj3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Rob Byrne - Sun Microsystems wrote:
> Did you get a reply to the question below which you sent to ldapext ? I
> didn't see any reply, but I may have missed it.

No reply yet.  [trimmed message forwarded to LDAPext...]

>Kurt wrote:
>> "What should the value of the DN field be client's initial
>> BIND/SASL/DIGEST-MD5 request?

Can a server require a DN in the request?  (to determine which realm
to response with)

>> If empty, how should servers determine which realm to respond?

Could place authzid into credentials of first request?

>> If non-empty, how should servers to clients providing empty DN?

(should read "how should servers respond to clients providing empty DN?")
Would an empty DN cause a default realm to be sent?  Or an cause
a fallback to anonymous bind (yuk)?  or...?

>> What should the value of the DN field be for second request?
>> 
>> If value differs from initial request, what should the server's
>> response be?"
>> 

	Kurt

Prev by Date: Re: object class 'alias'
Next by Date: Re: object class 'alias'
Index(es):
- Chronological
- Thread